Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unable to load new virus protection software


  • Please log in to reply

#1
THMontano

THMontano

    New Member

  • Member
  • Pip
  • 7 posts
I currently have Macfee virus protection that seems to automatically turn off regardless of how many times I turn it back on. I've tried installing avast software and the install does not go past showing the set up indicator. It just disappears. I was told by an avast tech that my events log was the source of the problem, but I was not confident in this assessment as it required payment of $169 dollars. Please see the information from OTL scan below:

OTL logfile created on: 1/21/2013 4:46:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TH Montano\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 39.59% Memory free
8.17 Gb Paging File | 2.45 Gb Available in Paging File | 29.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.36 Gb Total Space | 229.40 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive D: | 11.40 Gb Total Space | 1.21 Gb Free Space | 10.57% Space Free | Partition Type: NTFS
Drive E: | 57.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 930.86 Gb Total Space | 812.17 Gb Free Space | 87.25% Space Free | Partition Type: NTFS

Computer Name: THMONTANO-PC | User Name: TH Montano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/01/21 16:46:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TH Montano\Downloads\OTL.exe
PRC - [2013/01/21 16:42:32 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
PRC - [2013/01/19 11:52:53 | 006,516,280 | ---- | M] (AVAST Software) -- C:\Users\TH Montano\AppData\Local\Temp\_av_sfx.tm~a06108\avast.setup
PRC - [2013/01/19 11:52:00 | 093,654,616 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Temp\ssdl4698.exe
PRC - [2013/01/14 20:58:42 | 028,792,472 | ---- | M] (Dropbox, Inc.) -- C:\Users\TH Montano\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/23 22:13:16 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/11/07 16:29:30 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/10/17 00:46:34 | 001,573,576 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/10/09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\TH Montano\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/01 17:04:36 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/05/01 08:28:02 | 000,024,576 | ---- | M] (doubleTwist Corporation) -- C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
PRC - [2012/02/27 03:52:20 | 000,038,248 | ---- | M] (Mindjet) -- C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe
PRC - [2011/06/17 11:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/10/01 02:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) -- C:\Program Files (x86)\Intuit\QuickBooks 2009\QBDBMgrN.exe
PRC - [2009/01/12 08:54:02 | 000,669,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/12/09 08:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
PRC - [2008/06/13 11:06:50 | 000,034,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2008/06/13 11:06:48 | 000,021,296 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2008/05/27 15:19:42 | 000,032,768 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
PRC - [2008/05/26 02:28:04 | 000,704,512 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
PRC - [2008/05/26 02:21:08 | 000,548,864 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
PRC - [2008/05/24 12:40:24 | 000,463,360 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE
PRC - [2008/05/15 18:09:34 | 000,080,176 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Controls\Controls.exe
PRC - [2008/05/15 18:02:54 | 003,590,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
PRC - [2008/05/15 18:00:46 | 000,080,176 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Messages\Messages.exe
PRC - [2008/05/15 04:27:44 | 000,180,313 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
PRC - [2008/05/03 14:15:46 | 000,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe
PRC - [2008/05/03 14:15:42 | 000,101,376 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE
PRC - [2008/04/24 14:59:36 | 000,202,024 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/04/24 14:59:26 | 001,135,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/04/18 17:32:22 | 002,199,552 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
PRC - [2008/04/09 18:01:46 | 000,102,400 | ---- | M] () -- C:\WINDOWS\SysWOW64\OSDForm.exe
PRC - [2008/01/18 09:04:56 | 003,641,344 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2007/04/18 09:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/19 11:52:00 | 093,654,616 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Temp\ssdl4698.exe
MOD - [2013/01/19 09:00:56 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/19 08:55:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e40fa3c6d2f2a4200ee4e11fce57e7\System.ServiceProcess.ni.dll
MOD - [2013/01/19 08:55:39 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll
MOD - [2013/01/19 08:54:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/19 08:54:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/19 08:54:27 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013/01/19 08:54:15 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/19 08:52:17 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/19 08:52:00 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013/01/07 18:06:22 | 000,460,392 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013/01/07 18:06:21 | 012,459,624 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/07 18:06:19 | 004,012,648 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/07 18:05:29 | 000,598,120 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/07 18:05:28 | 000,124,520 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/07 18:05:25 | 001,553,000 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012/11/14 04:01:40 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012/10/05 04:59:08 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 04:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 04:59:03 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/21 17:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2012/05/28 14:43:20 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/05/01 08:27:23 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\doubleTwist 2.0\WmdmDevice.dll
MOD - [2012/05/01 08:27:07 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\doubleTwist 2.0\WIA.dll
MOD - [2012/02/27 03:51:34 | 000,151,376 | ---- | M] () -- C:\Program Files (x86)\Mindjet\MindManager 10\zlib.dll
MOD - [2012/02/13 05:02:15 | 001,249,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2012/02/13 05:02:09 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2012/02/13 05:02:04 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2011/12/26 20:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/08/26 15:58:29 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2009/03/29 22:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/03/29 22:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/03/29 22:42:18 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MOD - [2009/03/29 22:42:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/03/29 22:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009/03/29 22:42:13 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2009/03/29 22:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009/02/18 12:39:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009/02/18 12:39:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009/02/18 12:39:17 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
MOD - [2008/12/22 08:50:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/21 12:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/07/16 07:40:42 | 000,894,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LUZHP\2.0.0.0__5b744bac3e20de8f\LUZHP.dll
MOD - [2008/07/16 07:40:35 | 000,022,888 | ---- | M] () -- C:\Windows\assembly\GAC_32\HPTSEnUsr\1.0.0.0__661cda25fd3dfad3\HPTSEnUsr.dll
MOD - [2008/07/16 07:40:35 | 000,016,232 | ---- | M] () -- C:\Windows\assembly\GAC_32\HPTSEnCmn\1.0.0.0__9384b804f3886685\HPTSEnCmn.dll
MOD - [2008/05/26 02:42:02 | 000,434,176 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\SCprMfpif.dll
MOD - [2008/05/26 02:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\discoveryps.dll
MOD - [2008/05/26 02:28:18 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\FtpServerps.dll
MOD - [2008/05/15 17:36:04 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.XmlSerializers.dll
MOD - [2008/05/15 17:35:52 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Controls\Controls.XmlSerializers.dll
MOD - [2008/05/15 17:35:50 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Messages\Messages.XmlSerializers.dll
MOD - [2008/05/15 04:31:02 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSMON2enu.dll
MOD - [2008/05/15 04:30:52 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSH4enu.dll
MOD - [2008/05/15 04:30:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSH3enu.dll
MOD - [2008/05/15 04:29:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resC2Xenu.dll
MOD - [2008/05/15 04:28:58 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resT651enu.dll
MOD - [2008/05/15 04:28:28 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSHDEVICEenu.dll
MOD - [2008/05/15 04:28:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resAR507enu.dll
MOD - [2008/05/15 04:27:54 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resAR200enu.dll
MOD - [2008/05/15 04:27:44 | 000,180,313 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
MOD - [2008/05/15 04:27:38 | 000,135,263 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
MOD - [2008/05/15 04:27:30 | 000,127,071 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
MOD - [2008/05/15 04:27:22 | 000,127,076 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
MOD - [2008/05/15 04:27:14 | 000,094,305 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\T651.dll
MOD - [2008/05/15 04:27:10 | 000,114,783 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\C2x.dll
MOD - [2008/05/15 04:27:04 | 000,028,766 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONPDB.DLL
MOD - [2008/05/15 04:27:00 | 000,065,635 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Ar507.dll
MOD - [2008/05/15 04:26:58 | 000,061,534 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
MOD - [2008/05/15 04:26:54 | 000,094,307 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Ar200.dll
MOD - [2008/05/15 04:26:50 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
MOD - [2008/04/24 14:59:42 | 000,783,656 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008/04/24 14:59:34 | 000,013,096 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008/04/18 17:32:22 | 002,199,552 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
MOD - [2008/04/09 18:01:46 | 000,102,400 | ---- | M] () -- C:\WINDOWS\SysWOW64\OSDForm.exe
MOD - [2007/01/21 23:11:16 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
MOD - [2007/01/09 04:25:30 | 000,034,352 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Shared Files\richvideops.dll
MOD - [2006/11/07 20:22:14 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\BRIGHTNESS.dll
MOD - [2005/11/24 02:25:50 | 000,774,144 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmp2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/11/09 06:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 06:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/11/09 06:33:08 | 000,241,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/07/15 15:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/19 09:20:03 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/23 22:13:16 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/11/19 10:02:55 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/12 12:31:59 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/09/28 18:12:44 | 000,832,664 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\WINDOWS\Temp\0185781358648089mcinst.exe -- (0185781358648089mcinstcleanup)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/17 11:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 02:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Intuit\QuickBooks 2009\QBDBMgrN.exe -- (QuickBooksDB19)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 14:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/07/16 08:15:41 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/06/13 11:06:48 | 000,021,296 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2008/05/03 14:15:42 | 000,101,376 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE -- (HP Touch Screen Enhance)
SRV - [2007/12/16 22:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/10 22:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/23 22:13:34 | 000,101,688 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/11/09 06:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 06:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 06:36:30 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/11/09 06:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 06:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 06:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 06:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/02/29 07:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/27 12:48:14 | 000,014,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2010/11/11 04:01:20 | 001,212,416 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2010/03/04 02:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/17 09:08:24 | 000,017,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OSDACPI.SYS -- (ACPIService)
DRV:64bit: - [2009/01/19 13:41:48 | 000,609,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:64bit: - [2008/07/08 18:44:36 | 000,492,544 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/02/14 08:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2012/12/23 22:13:34 | 000,297,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/12/23 22:13:34 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/11/01 15:48:02 | 000,505,720 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys -- (RapportCerberus_43926)
DRV - [2010/03/05 19:07:54 | 000,396,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100510.001\IDSviA64.sys -- (IDSvia64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4B51C980-C6B0-11E1-9136-AED16088709B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE:64bit: - HKLM\..\SearchScopes\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}: "URL" = http://www.safesearc...398266676E843BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ossfire&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE - HKLM\..\SearchScopes,DefaultScope = {4B51C980-C6B0-11E1-9136-AED16088709B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearc...398266676E843BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{732FC961-4F9C-497D-A3B7-E4BE3A40CDA5}: "URL" = http://websearch.ask...7B-1745703CCB42
IE - HKCU\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}: "URL" = http://www.safesearc...398266676E843BB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "SafeSearch"
FF - prefs.js..browser.search.defaultenginename: "SafeSearch"
FF - prefs.js..browser.search.defaultthis.engineName: "SafeSearch Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.safesearc...98266676E843BB"
FF - prefs.js..browser.search.order.1: "SafeSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.5.0.11422
FF - prefs.js..keyword.URL: "http://www.safesearc....net/search?q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\TH Montano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\TH Montano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/19 08:33:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/01/18 17:25:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/18 17:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Extensions
[2013/01/19 12:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions
[2012/12/17 21:25:01 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] (Ask Toolbar Toolbar) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\[email protected]
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] (We-Care App) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\[email protected]
[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/18 17:26:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2012/11/19 10:02:56 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/08/30 12:58:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/12/17 21:24:34 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/11/14 16:43:50 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Translate = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Entanglement = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Bejeweled = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Keep Thinking Different = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammgpoopafhlhahgjlbgdiddnjjdidnb\3_0\
CHR - Extension: AddThis - Share & Bookmark (new) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.9_0\
CHR - Extension: Word Search = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: SiteAdvisor = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: ShopAtHome.com extension = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\igapgnpnmadafimalefljcfplikonjpp\6.0.9.2_0\
CHR - Extension: 60 Minutes = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj\0.60_0\
CHR - Extension: We-Care Reminder = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\
CHR - Extension: Google Voice (by Google) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.8_0\
CHR - Extension: Wave Accounting = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa\1.9.5_0\
CHR - Extension: Skype Click to Call = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: Word\u00B2 = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee\2.5_0\
CHR - Extension: Poppit = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail Checker = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Curling = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Schoolshape = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbnimabkphheebjheolifjlfgelkjhi\2.3_0\
CHR - Extension: Learn Spanish - Qu\u00E9 Onda Spanish = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120621162043.dll (McAfee, Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120621162043.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" File not found
O4:64bit: - HKLM..\Run: [SN0XRCV] C:\Windows\SysNative\spool\drivers\x64\3\SN0XRCV.exe (SHARP CORPORATION)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Buttons & OSDs control application gen2] C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe ()
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FtpServer.exe] C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP KEYBOARD] C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IndexTray] C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe (Mindjet)
O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
O4 - HKLM..\Run: [SharpTray] C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TypeRegChecker] C:\Program Files (x86)\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\TH Montano\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [doubleTwist] C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe (doubleTwist Corporation)
O4 - HKCU..\Run: [EPSON WorkForce 310 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE /FU "C:\Users\THMONT~1\AppData\Local\Temp\E_SB374.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [HPSmartCenterBoot] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe (Hewlett-Packard)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [MPOptimizer] "C:\Program Files\MaxPerforma Optimizer\MaxPerforma.exe" /scan File not found
O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\TH Montano\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7D49925-5B22-4BE0-AD19-9276052AC21F}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sds - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\SHARP\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\TH Montano\Pictures\community_support_img.jpg
O24 - Desktop BackupWallPaper: C:\Users\TH Montano\Pictures\community_support_img.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/18 15:12:18 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0c40df47-9aa4-11df-80b4-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c40df47-9aa4-11df-80b4-00247e27004a}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{9e0ebc8a-85e6-11df-908c-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{9e0ebc8a-85e6-11df-908c-00247e27004a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{f15cfd9c-3206-11df-8a2b-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{f15cfd9c-3206-11df-8a2b-00247e27004a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/21 16:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2013/01/21 16:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/01/19 16:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\doubleTwist
[2013/01/19 16:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doubleTwist
[2013/01/19 16:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\doubleTwist 2.0
[2013/01/19 11:52:13 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\Documents\Add-in Express
[2013/01/19 11:51:33 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Roaming\AVSoftware
[2013/01/19 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\SafeSearch
[2013/01/19 09:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/01/19 09:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/01/19 08:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/01/18 13:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/18 13:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/05 16:21:33 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\Documents\VOIP Phone
[2013/01/03 21:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/01/03 21:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013/01/03 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/01/03 21:18:50 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Local\Microsoft Corporation
[2013/01/03 21:18:25 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Local\Windows Live
[2013/01/03 21:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013/01/03 21:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2010/07/12 10:44:17 | 001,228,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\TH Montano\DesignPremium_CS5_LS1.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/21 16:42:32 | 000,001,930 | ---- | M] () -- C:\Users\TH Montano\Desktop\HijackThis.lnk
[2013/01/21 16:26:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-937415962-3640826716-1896864481-1000UA.job
[2013/01/21 16:19:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/21 16:10:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 16:04:42 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 16:04:42 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 18:26:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-937415962-3640826716-1896864481-1000Core.job
[2013/01/20 18:10:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/20 17:36:25 | 000,000,508 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for TH Montano.job
[2013/01/19 20:03:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/19 16:35:43 | 000,768,766 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/19 16:35:43 | 000,648,920 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/19 16:35:43 | 000,122,776 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/19 16:22:30 | 000,001,930 | ---- | M] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2013/01/19 16:22:30 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\doubleTwist.lnk
[2013/01/19 12:10:56 | 000,000,258 | RHS- | M] () -- C:\Users\TH Montano\ntuser.pol
[2013/01/19 09:47:26 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/01/19 09:27:51 | 000,002,071 | ---- | M] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/19 09:27:51 | 000,002,069 | ---- | M] () -- C:\Users\TH Montano\Desktop\Google Chrome.lnk
[2013/01/19 08:47:31 | 000,000,958 | ---- | M] () -- C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/19 08:47:18 | 000,000,936 | ---- | M] () -- C:\Users\TH Montano\Desktop\Dropbox.lnk
[2013/01/19 08:39:58 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2013/01/19 08:37:15 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013/01/19 08:35:43 | 000,493,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/18 19:10:23 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/18 19:08:25 | 000,763,680 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/18 13:46:35 | 000,009,500 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\d3d9caps64.dat
[2013/01/18 13:37:59 | 000,001,356 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\d3d9caps.dat
[2013/01/07 19:17:07 | 000,810,630 | ---- | M] () -- C:\Users\TH Montano\AppData\Roaming\fontlst2.opf
[2013/01/04 08:19:56 | 000,090,425 | ---- | M] () -- C:\Users\TH Montano\Desktop\Windows 7 Upgrade Advisor results.mht
[2012/12/23 22:13:34 | 000,101,688 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/21 16:42:32 | 000,001,930 | ---- | C] () -- C:\Users\TH Montano\Desktop\HijackThis.lnk
[2013/01/19 16:22:30 | 000,001,930 | ---- | C] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2013/01/19 16:22:30 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\doubleTwist.lnk
[2013/01/19 11:51:41 | 000,000,258 | RHS- | C] () -- C:\Users\TH Montano\ntuser.pol
[2013/01/19 09:47:26 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/01/04 08:19:49 | 000,090,425 | ---- | C] () -- C:\Users\TH Montano\Desktop\Windows 7 Upgrade Advisor results.mht
[2012/12/16 22:30:09 | 000,000,000 | ---- | C] () -- \extensions.sqlite
[2012/08/01 21:03:46 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\HPPLVS.dll
[2012/06/16 15:30:02 | 000,763,680 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/26 17:39:02 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\ktdll.dll
[2012/03/03 15:33:41 | 000,009,500 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\d3d9caps64.dat
[2011/07/21 15:58:31 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/07/20 01:29:44 | 000,212,545 | ---- | C] () -- C:\Users\TH Montano\coverup.jpg
[2011/06/20 15:22:01 | 000,002,048 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\Photobook Designer Prefs
[2011/01/26 12:56:29 | 000,072,080 | ---- | C] () -- C:\Users\TH Montano\g2mdlhlpx.exe
[2010/07/12 10:44:17 | 3052,655,417 | ---- | C] () -- C:\Users\TH Montano\DesignPremium_CS5_LS1.7z
[2010/07/01 16:44:51 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/06/23 13:06:22 | 000,000,970 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\wklnhst.dat
[2010/06/04 15:39:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/14 15:00:26 | 000,028,314 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/05/14 08:07:06 | 000,028,314 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/17 14:55:01 | 000,810,630 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\fontlst2.opf
[2010/03/15 18:33:34 | 000,053,248 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/12 13:23:42 | 000,001,356 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\d3d9caps.dat
[2008/07/16 08:11:36 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008/07/16 08:11:34 | 000,333,257 | RHS- | C] () -- \bootmgr
[2006/12/02 00:37:14 | 000,904,704 | ---- | C] () -- \msdia80.dll

========== ZeroAccess Check ==========

[2006/11/02 09:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 11:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 01:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 20:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/08/30 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\.minecraft
[2013/01/19 08:44:03 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\.oit
[2013/01/19 11:51:33 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\AVSoftware
[2010/07/27 09:37:20 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\bppenu11
[2012/04/26 17:39:01 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\CompuCram
[2013/01/19 08:47:38 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Dropbox
[2012/08/30 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Epson
[2010/03/12 13:30:27 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\LabTech Software
[2010/03/18 14:33:32 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Leader Technologies
[2010/03/18 14:30:33 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Leadertech
[2012/05/02 13:34:38 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\OpenCandy
[2011/06/20 15:21:28 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Photobook Designer
[2010/04/13 17:42:36 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\SHARP
[2010/03/17 14:55:06 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Sharpdesk
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\SmartDraw
[2010/06/23 13:06:47 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Template
[2010/03/15 07:52:00 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A3E39C6A

< End of report >
  • 0

Advertisements


#2
THMontano

THMontano

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Just in case, here's the Extra file:

OTL Extras logfile created on: 1/21/2013 4:46:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TH Montano\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 39.59% Memory free
8.17 Gb Paging File | 2.45 Gb Available in Paging File | 29.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.36 Gb Total Space | 229.40 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive D: | 11.40 Gb Total Space | 1.21 Gb Free Space | 10.57% Space Free | Partition Type: NTFS
Drive E: | 57.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 930.86 Gb Total Space | 812.17 Gb Free Space | 87.25% Space Free | Partition Type: NTFS

Computer Name: THMONTANO-PC | User Name: TH Montano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = AF FC E6 93 86 C4 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C589B30-FD73-4C2E-A652-12468A07A0AC}" = lport=138 | protocol=17 | dir=in | app=system |
"{1C66D0C0-D5C2-4D72-AD3A-812E8B677A45}" = lport=42000 | protocol=17 | dir=in | name=allow netfastalk |
"{2078F89C-B929-46AA-B6C8-A1C1FE4ECF54}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2306BA9C-A826-4EE0-AA86-5DEF0D991E00}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{265676D5-087A-42BA-ADCB-059274EEDDB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{50087784-31FE-46A7-90BF-1C4CD3F31A46}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50F7F3A3-0D8B-44AF-BDCB-E9F0C4FD5E19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{560C715E-4658-4185-8CEE-499567EC7FBB}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A653DC7-87E0-41AD-A30F-7EEEF82CEE59}" = lport=137 | protocol=17 | dir=in | app=system |
"{5E1D4E07-5B78-422E-9A1D-3C3DF03664AA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{74F84248-838B-49E4-8F4C-95A8CB5A2C9D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77FEFEA7-F8A4-4FC1-AE3D-303D207F8B39}" = lport=2869 | protocol=6 | dir=in | app=system |
"{88F78935-158F-46A9-A239-41546138D5A7}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{921A9370-A802-4522-A70F-E6DA11D3F728}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1035F60-88D3-4D77-B5A3-DD91710ACC71}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB5665D4-DD6D-420E-908E-7AA1CE78CEA0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{ABCF7434-0CF2-4634-BBD0-AA2D5AC5DC75}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B17B7543-EBDC-4E34-8005-702136EF6C43}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B24D72B5-1314-475C-9944-F2515530B42D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B37EED52-302D-44DA-B35B-522075D089EB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B73532ED-37FC-46C6-A764-5A82D4205EC3}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCEF4446-BBCD-4C57-A5DF-20ED17014E59}" = lport=139 | protocol=6 | dir=in | app=system |
"{C326C9DF-C7D3-4DD0-B0C9-1FBBC01277DA}" = rport=138 | protocol=17 | dir=out | app=system |
"{D471C8FD-D6C6-4529-8E72-189BC20E72A8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D5C4D8E7-EB00-4A80-9939-15F4EF6CAFF0}" = lport=4995 | protocol=6 | dir=in | name=allow local vnc |
"{D9770C75-189E-4A31-AFC8-585A6ABD1336}" = rport=139 | protocol=6 | dir=out | app=system |
"{E8100113-79DE-4955-A2D6-64908A4F9182}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F2FDAB27-42CF-42A2-B111-E82F9F53CAF2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F57D2C0A-DDBC-4BF9-AEDF-B60B7BEB171D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC9CDF12-43F0-46FC-9A5A-6318080F385D}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{070DB6EE-BB2D-4195-A02D-A6D94F8AB526}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{08E623F4-E122-49C3-B9D2-A0737AAB485D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{090B8488-5861-44F0-9924-700505747B4C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{0D854B25-86D0-474F-B6D9-8A793A966853}" = protocol=1 | dir=in | [email protected],-28543 |
"{1051EA42-9CFD-4B0C-B757-661256199A8A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1148D83D-CDDD-4D30-B719-5814034C6EFC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{14045AB9-9817-4F09-885D-14DB03B8C089}" = protocol=6 | dir=in | name=allow local redir |
"{18026773-AE2D-4E4B-B265-A07EC8432D21}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{1B1D0CA7-CD1C-4CB4-9BD1-F1F265FF77FC}" = protocol=1 | dir=out | [email protected],-28544 |
"{1BDE612D-2511-47E0-963A-A4ADE794D742}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1D0DF4AF-EC2C-4299-9989-F5D575CEBA6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2453B5C5-B8D7-4119-8E7A-90E375299E42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A955F0E-E0A2-4C88-BD6C-E2C2DB206397}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{3122E2E7-3906-43A8-8E5E-43224CC09E50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A525FE6-6282-40F6-9A9B-A407A1E6F6D9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4299D8A0-4764-43B3-8598-C1EABD02BE54}" = protocol=58 | dir=in | [email protected],-28545 |
"{430944A1-FA84-48AF-9ECF-330DDBDB907B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{46679166-9B0C-46B2-88B9-11B9A946517D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{46914B25-112B-49CD-9FCD-B3A1B714FEB3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{47E12432-D0C8-47A2-9355-4D1FDF3DC24B}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{48606AFB-69F3-4F22-83D4-0B334DA631AA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4F86784F-80F3-4832-8886-FDF2BB73D837}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{558379F8-35A6-4EE8-A88E-597180821EB2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{56BF9242-E05F-4D47-A6CA-A6E8E2567A2D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{59AD780B-6E62-41B1-945E-91747B502D37}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5F806C03-E742-4D56-9EBC-F074B9F7D0AE}" = protocol=58 | dir=out | [email protected],-28546 |
"{600E5F3E-94D9-4790-AD34-ABF0917C7470}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{679B1C06-6535-4D40-BB59-E29BD12ACB04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6ABB4FE7-49E5-4292-8CAD-5A3977A33F51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DEFDD3D-229B-4ACD-9AAF-B4BD48E96778}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6EE15B68-806A-4E09-960C-64DF167D4393}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{761A48DD-ECD4-4035-BDEA-66D3460A6BCD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{762007DC-4252-47DA-A57F-F101C97FDBBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{776973C4-4216-4CEA-A401-F0128E4C9A38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{777B338F-4646-4BCB-8323-248C8B70043E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7AB91383-A2D4-4FE0-8E73-39FC2DDB96FB}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{8320B33C-D8DB-4542-AF2F-BBBBC7292267}" = protocol=17 | dir=in | app=c:\program files (x86)\sharp\sharpdesk\netscantool.exe |
"{8782A6AA-4A1C-48B6-B75F-70D02C8E2B0F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{93718A56-5BE0-4B0E-81D8-3F40ADD43469}" = protocol=6 | dir=in | app=c:\users\th montano\appdata\local\temp\7zs25cc\hpdiagnosticcoreui.exe |
"{93E6F39A-9994-446F-A81B-31CB28EA2F70}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{952D749A-B15D-40E2-B715-C76860866010}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99AE7FBE-4AE7-4083-92F5-15D9ED132E6F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9A4050C7-C2E1-4F73-B24A-5B3200D84DA8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B80AA8B-3443-4F3F-85AA-1631D8EE66D1}" = protocol=6 | dir=out | app=system |
"{A693FA75-6523-4815-8605-6C6595070528}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0654FAE-605E-4015-9F29-4AA07025186F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BE3691CC-C140-4B5C-9D0F-8FA362975E84}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{C28D98D9-7AC3-4662-964A-D7C65D8B2DD5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{C30436F5-54D4-4699-8B4A-CEA006538611}" = protocol=17 | dir=in | app=c:\users\th montano\appdata\local\temp\7zs25cc\hpdiagnosticcoreui.exe |
"{CA14D920-848F-4C6C-A7EC-E98A1F155F13}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D14FA727-FC50-497A-AF5C-ECC975D69CD7}" = protocol=58 | dir=in | [email protected],-148 |
"{D5451756-1D00-4AC0-98F1-CBA67D93DA34}" = protocol=6 | dir=in | name=allow local redir |
"{DAA9F57A-C26F-40DA-ACE9-106C77475CE5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DE0E6F1B-9558-4611-B46A-3FDABAC2FEF4}" = protocol=6 | dir=in | app=c:\users\guest\appdata\roaming\dropbox\bin\dropbox.exe |
"{E996D501-3671-43AF-AD13-3BDDC2780262}" = protocol=6 | dir=in | app=c:\program files (x86)\sharp\sharpdesk\netscantool.exe |
"{EE53387E-3869-4A94-8F92-60D9C4D532BA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFF113B2-B5BC-4014-949B-29C24B2B5AC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA407541-0791-4B8B-8C8E-1F87D0093684}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{FD5CEDB0-B1CA-48E1-8FEC-694AA9881497}" = protocol=17 | dir=in | app=c:\users\guest\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{74FA9222-872D-4DAF-9C66-6BB30D10DBCC}C:\windows\system32\spool\drivers\x64\3\sn0xnjr.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\sn0xnjr.exe |
"TCP Query User{AFE569F0-DBDF-4161-BF81-C4896F8AAECC}C:\program files\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{B69913CA-1874-4C2B-AC2A-DDD0321F3671}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sharp\sharpdesk\ftpserver.exe |
"TCP Query User{CBB6D969-1E0A-490E-A1E2-752A1FC9DBD6}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{D752B4F7-C7AF-45B3-89D1-AEDD6EE6F787}C:\program files (x86)\sharp\printer status monitor\smon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sharp\printer status monitor\smon.exe |
"UDP Query User{354B9427-453E-497C-ACF5-3CDA9914D45D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sharp\sharpdesk\ftpserver.exe |
"UDP Query User{3561E523-B80F-4BE5-B70D-27756BFEE528}C:\program files\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"UDP Query User{549EF431-2378-4191-A41C-4D666CE1CF08}C:\program files (x86)\sharp\printer status monitor\smon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sharp\printer status monitor\smon.exe |
"UDP Query User{94204BBC-6A2F-4DCC-88C5-41400F774498}C:\windows\system32\spool\drivers\x64\3\sn0xnjr.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\sn0xnjr.exe |
"UDP Query User{FA00A3E0-A04E-435B-922B-4D996AE94A98}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{243579CC-CCE4-42F2-B48B-C90D15687A26}" = HP Touch Screen Configuration
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{83659AA0-4F77-4631-BB20-82F73FF428D4}" = SymNet x64
"{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PRJPROR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PRJPROR_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PRJPROR_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0409-1000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-00B4-0409-1000-0000000FF1CE}_Office14.PRJPROR_{316A864B-0547-40CE-B136-B02B4D18BF09}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-003B-0000-1000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{E6F88893-86F0-4CFB-B7E0-733575D1DEB4}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON WorkForce 310 Series" = EPSON WorkForce 310 Series Printer Uninstall
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D57353-071B-4D21-982A-CC35C962A7C4}" = Mindjet MindManager 2012
"{0A0458A3-079B-4F35-85D7-B73EE3C72BA4}" = TransferBigFiles Desktop Client
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13086F8B-2AA9-4488-BC9C-BB6B912A5524}" = muvee autoProducer 6.1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2F00631E-D6E4-4B0B-8F8E-090E881CECFD}" = LabTech Agent Service
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3E9E68FB-49FA-410A-8787-424F2A506E0F}" = Business Plan Pro 15th Anniversary Edition
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56B777D9-9D85-4A81-BF59-1EED7401ADC4}" = Google Cloud Connect for Microsoft Office
"{5A3736D0-2105-40D5-971C-4FFC2E2C6373}" = HP TouchSmart Calendar
"{5A627DFB-EA4C-4FFA-B711-69E849FB40D8}" = Buttons & OSDs control application gen2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{89BA1176-0C98-483D-9CAF-EBBC4EEE5DB3}" = VitalSource Bookshelf
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{987F1753-1F42-4DF2-A5EA-0CCB777F3EB0}" = CWA Reminder by We-Care.com v4.0.19.3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP TouchSmart Media
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD7E9E0C-201A-4BB2-8AE6-D939E4511D65}" = HP TouchSmart
"{D7BA6898-F0D0-4F23-898B-928530DAF061}" = HP Touch Screen Enhance Service
"{DA4E6EB8-C15C-48BD-9462-DB293C239697}" = Visual C++ 8.0 x64 Runtime Setup Package
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E6C82F8F-2031-4825-8CC3-98C5960875C1}" = Epson CreativeZone
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F31E9A47-0177-4DB6-849C-6BE6DA942A45}" = HP TouchSmart Notes
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F44F0A3A-2110-4705-B5EC-D5B6371F53C1}" = Visual C++ 8.0 x86 Runtime Setup Package
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"BFG-Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"doubleTwist" = doubleTwist
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"Home Inspection CompuCram" = Home Inspection CompuCram
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HP KEYBOARD V1.5.2_is1" = HP KEYBOARD V1.5.2
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP TouchSmart Media
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LTCM Client" = LTCM Client
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Printer Status Monitor" = Printer Status Monitor Version 4.2.0
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Rapport_msi" = Rapport
"SHARP MX-2300 2700 3500 4500 Series PC-Fax Driver" = SHARP MX/DX Series PC-Fax Driver
"SHARP MX-2300 2700 3500 4500 Series PCL PS Printer Driver" = SHARP MX/DX Series PCL/PS Printer Driver
"SHARP XPS A Printer Driver" = SHARP XPS A Printer Driver
"SmartDraw 2013" = SmartDraw 2013
"sp40348" = sp40348
"sp41121" = sp41121
"sp44626" = sp44626
"uCertify CAPM" = uCeritify CAPM - CAPM - Certified Associate in Project Management (Fourth Edition)
"WildTangent hp Master Uninstall" = My HP Games
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723
"JoinMe" = join.me
"Photobook Designer" = Photobook Designer

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/13/2011 2:35:42 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/13/2011 2:35:43 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/14/2011 1:40:06 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/14/2011 1:40:06 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/15/2011 1:00:00 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/15/2011 1:00:01 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/16/2011 1:22:23 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/16/2011 1:22:23 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/17/2011 1:41:11 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 3/17/2011 1:41:11 AM | Computer Name = THMontano-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ Media Center Events ]
Error - 5/17/2011 12:51:32 AM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 5/17/2011 12:51:35 AM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 5/17/2011 12:51:39 AM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 5/17/2011 12:55:06 AM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 5/17/2011 12:56:00 AM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 6/12/2011 12:19:14 PM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 7/10/2012 9:43:37 PM | Computer Name = THMontano-PC | Source = ehRecvr | ID = 3
Description =

Error - 7/26/2012 9:47:35 PM | Computer Name = THMontano-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 07/26/2012 20:47:35. You may need to reschedule your recordings.

Error - 12/21/2012 7:42:46 PM | Computer Name = THMontano-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 12/21/2012 17:42:45. You may need to reschedule your recordings.

Error - 12/21/2012 7:42:47 PM | Computer Name = THMontano-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 12/21/2012 17:42:47. You may need to reschedule your recordings.

[ System Events ]
Error - 1/21/2013 1:59:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 1/21/2013 2:01:03 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 1/21/2013 2:03:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 1/21/2013 2:05:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 1/21/2013 2:07:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/21/2013 2:12:59 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/21/2013 2:17:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/21/2013 2:41:07 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/21/2013 2:46:26 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/21/2013 3:13:24 PM | Computer Name = THMontano-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >
  • 0

#3
THMontano

THMontano

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Problem solved!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP